Cybercrime fueled by mature digital underground

John P. Mello, Jr. |
June 28, 2013

Cybercrime is on the rise, spurred by a robust underground economy that's industrialized the making and delivery of tools for criminal behavior, says a report released Wednesday by a maker of device recognition and intelligence solutions.

Cybercrime is on the rise, spurred by a robust underground economy that's industrialized the making and delivery of tools for criminal behavior, says a report released Wednesday by a maker of device recognition and intelligence solutions.

"Cybercrime is on the rise: large-scale fraud attacks, consumer data breaches and politically-motivated Distrbuted Denial of Service (DDoS) attacks on financial institutions and others are costing these businesses billions of dollars every year," said the report by 41st Parameter.

"Much of this growth stems from the maturation of the criminal digital underground and its 'industrial' approach to cybercrime," the report said.

Five top cybercrime trends were identified in the report:

Data Breaches. Stolen identities are the fuel that drives the industrial fraud complex, the report said. This fact has led to some spectacularly large consumer data breaches during the past year including Twitter, LinkedIn and LivingSocial's disclosure that more than 50 million records compromised in April 2013.

Malware. Fraud apps are typically used to impersonate a victim or gain access to their credentials, the report explained. In many cases, malware is designed to avoid detection both by human users and the anti-virus scans that may be running on a device.

Mobile Threats. The popularity of smartphones — some 700 million of them were sold worldwide in 2012 — is being seen as a business opportunity by fraudsters, the report noted. It said that last year, mobile malware threats jumped 163 percent over 2011, infecting some 32.8 million devices — most of them Android devices.

Industrialization. This allows cyber bandits to multiply their effectiveness through automation. Because all online and mobile interactions are 'machine-to-machine' — a user's device interacting with a business's server — cyber interactions naturally lend themselves to automation, the report said. Once a fraudster secures the credentials required to access a victim's accounts, a process can be built in which multiple accounts are accessed automatically.

Distributed Denial of Service Attacks. The first goal of a DDoS attack, the report explained, is to disrupt the operation of a website. That usually leads to increased call center activity, which drives up an organization's costs and undermines customer trust in it.

DDoS attacks can be used for other purposes, too. "What we're finding is that fraudsters are starting to use DDoS attacks as a diversionary tactic," said David Britton, vice president of industry solutions for 41st Parameter.

"They're using it to cover up the actual financial takedown activity that they may be running simultaneously," he told CSO.

Those takedowns are aided by fraud automation, the 41st Parameter report said. Fraud automation allows fraudsters to trade a large number of smaller transactions for fewer, larger transactions. This makes anomaly detection systems less effective while introducing greater requirements to identify, document and reset compromised accounts.